Debian says the jbig bug isn't a critical security issue:
https://security-tracker.debian.org/tracker/CVE-2022-1210
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to tiff in Ubuntu.
https://bugs.launchpad.net/bugs/1971001
Title:
typo in my comment, recommendation is to build tiff with libjbig
disabled... sorry..
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to tiff in Ubuntu.
https://bugs.launchpad.net/bugs/1971001
Title:
Multiple vulnerabilities in Trusty,
Can Ubuntu address CVE-2022-1210 similar to other Linux Distros (RHEL,
SUSE, YOCTO,...) with not building tiff with JBIG disabled since the bug
is really in libjbig (build with --disable-jbig) . See Fedora Bug
Tracker https://bugzilla.redhat.com/show_bug.cgi?id=2072615
** Bug watch added: Red
New security versions of tiff have been released for focal and bionic.
These versions provide the corresponding fixes for CVE-2022-0907,
CVE-2022-0908, CVE-2022-0909, CVE-2022-0924 and CVE-2022-22844.
https://ubuntu.com/security/notices/USN-5523-2
--
You received this bug notification because
Impish reached end-of-life yesterday.
** Summary changed:
- Multiple vulnerabilities in Trusty, Xenial, Bionic, Focal, Impish and Jammy
+ Multiple vulnerabilities in Trusty, Xenial, Bionic, Focal and Jammy
** Description changed:
- The versions in Trusty, Xenial, Bionic, Focal, Impish and
5 matches
Mail list logo